Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

May 21 2016

dereckson claimed T271: Deploy Auth Grove to login.nasqueron.org.
May 21 2016, 15:03 · Nasqueron Docker deployment squad, Servers, Auth Grove
dereckson created T834: Upgrade vma.nasqueron.org from 3.0.12 to 3.0.15.
May 21 2016, 14:34 · Nasqueron Docker deployment squad, Servers, Mail
dereckson added a subtask for T833: Decommission bioty.co: T832: Decommission mail.bioty.co.
May 21 2016, 14:31 · Servers, bioty.co hosting
dereckson added a parent task for T832: Decommission mail.bioty.co: T833: Decommission bioty.co.
May 21 2016, 14:31 · Servers, Mail, bioty.co hosting
dereckson created T833: Decommission bioty.co.
May 21 2016, 14:31 · Servers, bioty.co hosting
dereckson closed T832: Decommission mail.bioty.co as Resolved.

Done, Let's encrypt certificates renewd successfully for mail servers (now independant certificates).

May 21 2016, 14:30 · Servers, Mail, bioty.co hosting
dereckson created T832: Decommission mail.bioty.co.
May 21 2016, 14:17 · Servers, Mail, bioty.co hosting

May 17 2016

dereckson added a project to T827: Install reptyr on Ysul: Servers.
May 17 2016, 15:55 · Servers

May 13 2016

Sandlayth removed a revision from T768: Create a HE tunnel for Eglide: Restricted Differential Revision.
May 13 2016, 11:31 · Eglide, IPv6, Servers
Sandlayth added a revision to T826: Create a systemd timer to renew letsencrypt certificat on Dwellers: Restricted Differential Revision.
May 13 2016, 11:26 · User-Sandlayth, Servers
Sandlayth added a revision to T768: Create a HE tunnel for Eglide: Restricted Differential Revision.
May 13 2016, 11:26 · Eglide, IPv6, Servers

May 12 2016

dereckson raised the priority of T826: Create a systemd timer to renew letsencrypt certificat on Dwellers from Normal to High.

We need that before June, the next renewal time window.

May 12 2016, 12:34 · User-Sandlayth, Servers
dereckson updated the task description for T826: Create a systemd timer to renew letsencrypt certificat on Dwellers.
May 12 2016, 12:33 · User-Sandlayth, Servers
Sandlayth created T826: Create a systemd timer to renew letsencrypt certificat on Dwellers.
May 12 2016, 10:50 · User-Sandlayth, Servers
dereckson closed T825: Renew Let's encrypt certificate for notifications.nasqueron.org as Resolved.
May 12 2016, 10:02 · Servers
dereckson added a comment to T825: Renew Let's encrypt certificate for notifications.nasqueron.org.

I've ran letsencrypt renew on Dwellers, then reloaded nginx.

May 12 2016, 10:02 · Servers
dereckson added a project to T825: Renew Let's encrypt certificate for notifications.nasqueron.org: Servers.
May 12 2016, 09:57 · Servers
dereckson added a revision to T824: Tests for SuEXEC on Ysul: D371: Check if Apache is up and SuEXEC installed on Ysul.
May 12 2016, 09:53 · Operations sprints (Consolidate them all), Servers
dereckson removed a revision from T823: Missing suexec on ysul: D371: Check if Apache is up and SuEXEC installed on Ysul.
May 12 2016, 09:53 · Servers
dereckson removed a revision from T818: Add banner on Eglide: D371: Check if Apache is up and SuEXEC installed on Ysul.
May 12 2016, 09:52 · Eglide, Servers
dereckson added a revision to T823: Missing suexec on ysul: D371: Check if Apache is up and SuEXEC installed on Ysul.
May 12 2016, 09:52 · Servers
dereckson added a revision to T818: Add banner on Eglide: D371: Check if Apache is up and SuEXEC installed on Ysul.
May 12 2016, 09:49 · Eglide, Servers
dereckson created T824: Tests for SuEXEC on Ysul.
May 12 2016, 09:35 · Operations sprints (Consolidate them all), Servers
dereckson closed T823: Missing suexec on ysul as Resolved.

Same procedure than in

T508.log368 KBDownload
for T508:

May 12 2016, 09:31 · Servers

May 10 2016

Sandlayth added a revision to T768: Create a HE tunnel for Eglide: D370: Salt configuration for IPv6 for Debian.
May 10 2016, 07:19 · Eglide, IPv6, Servers

May 6 2016

dereckson added a comment to T823: Missing suexec on ysul.

Probably deinstalled during Apache update. Or maybe they don't ship
SuEXEC at all in the binary package:

May 6 2016, 07:02 · Servers

May 5 2016

amj created T823: Missing suexec on ysul.
May 5 2016, 21:58 · Servers
amj added projects to T822: SSL certificates: migrate from Startcom to Let's encrypt: security, Servers.
May 5 2016, 14:28 · Servers, security

May 4 2016

dereckson created T819: Web hosting on Eglide.
May 4 2016, 17:53 · Eglide, Salt, IRC, Servers
dereckson added a project to T818: Add banner on Eglide: Servers.
May 4 2016, 17:50 · Eglide, Servers

Apr 28 2016

dereckson triaged T816: Install Python jenkinsapi module on Ysul as Normal priority.
Apr 28 2016, 13:59 · Servers
dereckson added a project to T816: Install Python jenkinsapi module on Ysul: Servers.

Trying a Python script to ask Jenkins to start a job:

Apr 28 2016, 13:58 · Servers

Apr 22 2016

Sandlayth closed T778: DNS configuration for eglide.org as Resolved.
Apr 22 2016, 16:01 · Eglide, IRC, Servers
Sandlayth closed T778: DNS configuration for eglide.org, a subtask of T767: Run a shell service allowing IRC connections, as Resolved.
Apr 22 2016, 16:01 · Eglide, IRC, Servers
dereckson added a comment to T778: DNS configuration for eglide.org.

Okay, looks good.

Apr 22 2016, 15:55 · Eglide, IRC, Servers

Apr 21 2016

Sandlayth added a comment to T778: DNS configuration for eglide.org.

IPv6 configured:

*.eglide.org 300 IN A 212.47.244.42
@ 300 IN A 212.47.244.42
www.eglide.org 300 IN A 212.47.244.42
eglide.org 10800 IN AAAA 2001:470:1f13:896:0:c0de:15:11fe
eglide.org 10800 IN SSHFP 1 1 23d53659502c8926754b8adb2784279db14b8b24
eglide.org 10800 IN SSHFP 1 2 bf0cbd68b0e7b25b28f81f5c3bf5bf135e1846f5435a258a71055533d9fcb750
eglide.org 10800 IN SSHFP 2 1 a5f162fd1a969f0cf6517b987baabd5e622790e1
eglide.org 10800 IN SSHFP 2 2 2f1ef927f698c751a5d199d2eaacea675cf1e81db917e8daa14a6957e32d9daa
eglide.org 10800 IN SSHFP 3 1 44d267dc76fcf634f178aba0c54c56dc9d79f70f
eglide.org 10800 IN SSHFP 3 2 1547976c85f83babc2534fbb82b1475e7bf230f29fd5ffec1de83bf55bf60bc5
eglide.org 10800 IN SSHFP 4 1 165403ebd193c90af5223a196c2cd150daa0be0a
eglide.org 10800 IN SSHFP 4 2 d2d38e7e7ffd0cb6968d2711df9843fa0c8825c8636fde0ab3d69c22e59fe81c
Apr 21 2016, 22:40 · Eglide, IRC, Servers
Sandlayth added a comment to T778: DNS configuration for eglide.org.

SSHFP configured:

Apr 21 2016, 22:12 · Eglide, IRC, Servers

Apr 20 2016

dereckson closed T813: Renew www.espace-win.org certificate as Resolved.

So the issue was this nginx block, which deny access to .well-known like anything else starting with a dot:

Apr 20 2016, 22:21 · security, Servers
dereckson added a comment to T813: Renew www.espace-win.org certificate.
$ letsencrypt renew
[...]
-------------------------------------------------------------------------------
Processing /usr/local/etc/letsencrypt/renewal/www.espace-win.org.conf
-------------------------------------------------------------------------------
2016-04-20 22:10:33,464:WARNING:letsencrypt.renewal:Attempting to renew cert from /usr/local/etc/letsencrypt/renewal/www.espace-win.org.conf produced an unexpected error: Failed authorization procedure. dropbox.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://dropbox.espace-win.org/.well-known/acme-challenge/AFcGawsTLFqpJwWWZDmMh4LHjMVRkIbAfbq13_6qM40 [212.83.187.132]: 403, files.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://files.espace-win.org/.well-known/acme-challenge/43QDyWupIPxeAlNMyXgvDezCIMf-6kGxvAn2SzBIrak [212.83.187.132]: 403, forum.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://forum.espace-win.org/.well-known/acme-challenge/rHPn1p3iNsjXBzgAC0Hk-npvdCRF1qmJTrohgFkmugM [212.83.187.132]: 403, espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://espace-win.org/.well-known/acme-challenge/o_7sf9acLUEuHzVQNOHBcHvTG73l7xlP8mMX6nhx22c [212.83.187.132]: 403, pastebin.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://pastebin.espace-win.org/.well-known/acme-challenge/QCzu4WhOSjhRPzH6BvjMgAn2tggV1qbBW0q9tdyYACs [212.83.187.132]: 403, assets.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://assets.espace-win.org/.well-known/acme-challenge/LU-KuSB2bzPYmxw2vACtLu6yZj8ygXkAZiPxwHOMcHE [212.83.187.132]: 403, excel.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://excel.espace-win.org/.well-known/acme-challenge/5iaG0F-_T5a2TKlFWDxTqvBxg6GD50B_YfY5sxolNQ0 [212.83.187.132]: 403, www.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.espace-win.org/.well-known/acme-challenge/Pw6LYupam92EIy330xYlAuHuKvNKpp6unoVU8UAOrmw [212.83.187.132]: 403, gd.espace-win.org (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://gd.espace-win.org/.well-known/acme-challenge/SP1gRHzjZR39Ai9lZXQvEsTi9i7f0dYSL2bbR_bPOY4 [212.83.187.132]: 403. Skipping.
Apr 20 2016, 22:12 · security, Servers
dereckson created T813: Renew www.espace-win.org certificate.
Apr 20 2016, 22:08 · security, Servers

Apr 10 2016

dereckson closed T809: Scale roles/shellserver/users/ to support several users account as Resolved by committing rOPSc0fd36490c7d: Scale roles/shellserver/users/ to support several users account.
Apr 10 2016, 22:26 · Eglide, Salt, Servers
dereckson added a comment to T778: DNS configuration for eglide.org.
eglide.org has address 212.47.244.42
eglide.org mail is handled by 10 spool.mail.gandi.net.
eglide.org mail is handled by 50 fb.mail.gandi.net.
Apr 10 2016, 22:08 · Eglide, IRC, Servers
dereckson moved T809: Scale roles/shellserver/users/ to support several users account from Backlog to Pending review on the Servers board.
Apr 10 2016, 21:25 · Eglide, Salt, Servers
dereckson added a revision to T809: Scale roles/shellserver/users/ to support several users account: D359: Scale roles/shellserver/users/ to support several users account.
Apr 10 2016, 21:16 · Eglide, Salt, Servers
dereckson changed the visibility for T809: Scale roles/shellserver/users/ to support several users account.
Apr 10 2016, 21:16 · Eglide, Salt, Servers
dereckson added a comment to T795: Allow through sudo users from salt group to run commands as salt user on Ysul.

So finally we use a specific salt group instead of using wheel.

Apr 10 2016, 20:56 · Salt, Servers
dereckson renamed T795: Allow through sudo users from salt group to run commands as salt user on Ysul from Allow through sudo users from wheel group to run commands as salt user on Ysul to Allow through sudo users from salt group to run commands as salt user on Ysul.
Apr 10 2016, 20:55 · Salt, Servers
dereckson closed T795: Allow through sudo users from salt group to run commands as salt user on Ysul as Resolved by committing rOPS7d36cf5c0110: Allow salt group's users to run salt commands.
Apr 10 2016, 20:54 · Salt, Servers
dereckson closed D352: Allow salt group's users to run salt commands by committing rOPS7d36cf5c0110: Allow salt group's users to run salt commands (authored by Sandlayth).
Apr 10 2016, 20:54 · Servers, Salt
dereckson closed T795: Allow through sudo users from salt group to run commands as salt user on Ysul, a subtask of T156: Kickstart Salt Nasqueron infrastructure, as Resolved.
Apr 10 2016, 20:54 · Eglide, Salt, Servers
dereckson accepted D352: Allow salt group's users to run salt commands.
Apr 10 2016, 20:50 · Servers, Salt
dereckson updated the diff for D352: Allow salt group's users to run salt commands.
  • %wheel → %salt
  • added rc script
Apr 10 2016, 20:49 · Servers, Salt
dereckson requested changes to D352: Allow salt group's users to run salt commands.

A specific group for salt will be better.

Apr 10 2016, 20:41 · Servers, Salt
dereckson retitled D352: Allow salt group's users to run salt commands from Allow wheel group's users to use docker commands to Allow salt group's users to run salt commands.
Apr 10 2016, 20:40 · Servers, Salt
dereckson created T809: Scale roles/shellserver/users/ to support several users account.
Apr 10 2016, 16:26 · Eglide, Salt, Servers

Apr 9 2016

dereckson added projects to P187 ASCII art logo for Eglide: design, IRC, Servers.
Apr 9 2016, 10:47 · Servers, IRC, design
dereckson added revisions to T767: Run a shell service allowing IRC connections: D353: New unit for shellserver: users, D355: [Eglide] Base software for generic shell servers.
Apr 9 2016, 01:25 · Eglide, IRC, Servers
dereckson triaged T806: rsyslogd: action 'action 9' suspended as Low priority.

I stopped the systemd service, then launched manually with debug mode (rsyslog -dn) and can't repro the issue.

Apr 9 2016, 00:22 · User-Dereckson, Eglide, Servers

Apr 8 2016

dereckson changed the visibility for D5: Adding HTML homepage.
Apr 8 2016, 23:22 · Servers
dereckson created T806: rsyslogd: action 'action 9' suspended.
Apr 8 2016, 21:04 · User-Dereckson, Eglide, Servers
dereckson created T804: Provision a new hypervisor.
Apr 8 2016, 17:07 · Servers

Apr 2 2016

dereckson added a comment to T783: Run an extra SSH server on Ysul for OTP/Yubikey.

This works:

Apr 2 2016, 01:15 · security, Servers

Apr 1 2016

dereckson closed T803: Users can't create subdirectories in /var/tmp/whom/ as Resolved.
$ mkdir /var/tmp/whom/paladox
$ chown paladox:shell /var/tmp/whom/paladox
$ chmod 1777 /var/tmp/whom
Apr 1 2016, 22:38 · Servers
dereckson created T803: Users can't create subdirectories in /var/tmp/whom/.
Apr 1 2016, 22:29 · Servers
dereckson added a comment to T783: Run an extra SSH server on Ysul for OTP/Yubikey.

Hmmm, we need to recompile another OpenSSH server to be able to change the PAM service name

Apr 1 2016, 21:50 · security, Servers
dereckson reassigned T795: Allow through sudo users from salt group to run commands as salt user on Ysul from dereckson to Sandlayth.
Apr 1 2016, 21:45 · Salt, Servers
dereckson moved T795: Allow through sudo users from salt group to run commands as salt user on Ysul from Backlog to Working on on the Servers board.
Apr 1 2016, 21:45 · Salt, Servers
dereckson moved T801: Review skel to provision new accounts on Ysul from Backlog to Pending review on the Servers board.
Apr 1 2016, 21:45 · Servers
dereckson raised the priority of T783: Run an extra SSH server on Ysul for OTP/Yubikey from Low to Normal.

New users are puzzled by the prompt.

Apr 1 2016, 21:44 · security, Servers
amj removed a watcher for Servers: amj.
Apr 1 2016, 20:33
dereckson closed T802: Allow to get notifications for new mail on Ysul, a subtask of T298: Validate devserver operational state, as Wontfix.
Apr 1 2016, 20:22 · Servers
dereckson closed T802: Allow to get notifications for new mail on Ysul as Wontfix.

Actually, we have fewer users on Ysul than on Grip, and we can offer them support to upgrade if needed.

Apr 1 2016, 20:22 · Servers
dereckson created T802: Allow to get notifications for new mail on Ysul.
Apr 1 2016, 20:16 · Servers
dereckson added a subtask for T298: Validate devserver operational state: T801: Review skel to provision new accounts on Ysul.
Apr 1 2016, 20:13 · Servers
dereckson added a parent task for T801: Review skel to provision new accounts on Ysul: T298: Validate devserver operational state.
Apr 1 2016, 20:13 · Servers
dereckson created T801: Review skel to provision new accounts on Ysul.
Apr 1 2016, 19:46 · Servers
dereckson updated the task description for T757: Create ports for each piece of software in /usr/local/bin on Ysul.
Apr 1 2016, 14:46 · upstream, Servers
dereckson added a comment to T757: Create ports for each piece of software in /usr/local/bin on Ysul.

misc/binclock has been committed upstream: https://svnweb.freebsd.org/ports?view=revision&revision=412060

Apr 1 2016, 14:44 · upstream, Servers

Mar 31 2016

dereckson created P182 jexec 3 top (sorted by RES) — Uncle Slovius memory use.
Mar 31 2016, 20:39 · Servers

Mar 28 2016

Sandlayth added a revision to T795: Allow through sudo users from salt group to run commands as salt user on Ysul: D352: Allow salt group's users to run salt commands.
Mar 28 2016, 23:23 · Salt, Servers
dereckson added a comment to T778: DNS configuration for eglide.org.

SSHFP records are also missing.

Mar 28 2016, 23:11 · Eglide, IRC, Servers
dereckson updated the language for P181 salt-call grains.items on Eglide from autodetect to yaml.
Mar 28 2016, 23:09 · Servers, Salt
Sandlayth reopened T795: Allow through sudo users from salt group to run commands as salt user on Ysul as "Open".
Mar 28 2016, 22:45 · Salt, Servers
Sandlayth reopened T795: Allow through sudo users from salt group to run commands as salt user on Ysul, a subtask of T156: Kickstart Salt Nasqueron infrastructure, as Open.
Mar 28 2016, 22:45 · Eglide, Salt, Servers
Sandlayth closed T795: Allow through sudo users from salt group to run commands as salt user on Ysul as Resolved.
Mar 28 2016, 22:45 · Salt, Servers
Sandlayth closed T795: Allow through sudo users from salt group to run commands as salt user on Ysul, a subtask of T156: Kickstart Salt Nasqueron infrastructure, as Resolved.
Mar 28 2016, 22:45 · Eglide, Salt, Servers
dereckson updated the task description for T415: Allowed ops@ and dereckson@ to sudo docker or lxc-* commands on Dwellers.
Mar 28 2016, 22:40 · Accounts, security, Servers
dereckson added a comment to T721: Define how #nasqueron-ops should work.

We are preparing the list of notifications to remove:

Mar 28 2016, 19:52 · User-Sandlayth, discussion, Nasqueron Docker deployment squad, Servers, IRC
dereckson moved T275: Nginx proxies request with 127.0.0.1 as IP address from Backlog to Config on the DevCentral board.
Mar 28 2016, 19:49 · DevCentral, Forum, Servers
Sandlayth created T796: Develop custom notifications through Doorkeeper.
Mar 28 2016, 18:10 · User-Sandlayth, Continous integration and delivery, DevCentral
Sandlayth updated the task description for T721: Define how #nasqueron-ops should work.
Mar 28 2016, 10:09 · User-Sandlayth, discussion, Nasqueron Docker deployment squad, Servers, IRC
Sandlayth updated the task description for T767: Run a shell service allowing IRC connections.
Mar 28 2016, 07:46 · Eglide, IRC, Servers
dereckson moved T794: Set hostname to eglide.org from Backlog to Servers config on the Salt board.
Mar 28 2016, 02:51 · Eglide, Salt, Servers
dereckson moved T795: Allow through sudo users from salt group to run commands as salt user on Ysul from Backlog to Primary node config on the Salt board.
Mar 28 2016, 02:51 · Salt, Servers
dereckson created T795: Allow through sudo users from salt group to run commands as salt user on Ysul.
Mar 28 2016, 02:50 · Salt, Servers
dereckson updated subscribers of T156: Kickstart Salt Nasqueron infrastructure.
Mar 28 2016, 02:17 · Eglide, Salt, Servers
dereckson added a comment to T156: Kickstart Salt Nasqueron infrastructure.

I've deployed a master on Ysul, a minion on Eglide.

Mar 28 2016, 02:17 · Eglide, Salt, Servers
dereckson added a subtask for T156: Kickstart Salt Nasqueron infrastructure: T794: Set hostname to eglide.org.
Mar 28 2016, 01:44 · Eglide, Salt, Servers
dereckson added a parent task for T794: Set hostname to eglide.org: T156: Kickstart Salt Nasqueron infrastructure.
Mar 28 2016, 01:44 · Eglide, Salt, Servers
dereckson moved T155: Prepare decommission site provisioning on Salt from Backlog to Services to add on the Salt board.
Mar 28 2016, 01:43 · Salt, Servers
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator